Received: by 2002:a05:6500:2018:b0:1fb:9675:f89d with SMTP id t24csp262095lqh; Thu, 30 May 2024 23:53:06 -0700 (PDT) X-Forwarded-Encrypted: i=3; AJvYcCW6ltLX/IUVtIOsUd95xtz+qAAINaJ1Ab0u60VQl3sxa9gxChnHLoLK/m9AT1guInTyYwJ7GcK9e2Qbc0T4G9k0H4lDlnGsi0yyaa3QyQ== X-Google-Smtp-Source: AGHT+IHIr8kw5d6SQDeCOunvziw3dgfJQFlUNjm4H1mSzEHyKjqOvkvns69L11Ts/JAjxyfThyvP X-Received: by 2002:ac8:5707:0:b0:43a:beea:5803 with SMTP id d75a77b69052e-43ff54d9b80mr9895031cf.50.1717138386097; Thu, 30 May 2024 23:53:06 -0700 (PDT) ARC-Seal: i=2; a=rsa-sha256; t=1717138386; cv=pass; d=google.com; s=arc-20160816; b=Tx25enPksc/zccpORGmqYmhHjN2PbuVjjKkz/KBrd1u0U67MVZ+fjKnP6TpKI7dtYr PTakXpcN0UIQH20tcIs4NzN57MU2+v3aFS+6l0/suQyqKkAZmXDV9EAPKvYOnmFTXh8m vuUFwI44gEskqt9B9O1TXvppSYZdW9+8ICbW3xZqPIOEtXyYX1v7LtgZEFLkrVTAYhTV OgOmrwihfjat6KtQ5lDK0Ja8xZ6ximM9Ez++B0WXd8Mdm5zwNB5Qjnplr/LZ+tJhwn15 ZvI2xJjM76bFfeERvjMbL5azDqFXUWD2WltnRt4jGMrt1D/NMmb6OA9pRzyILCtAuKlU 9wZA== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=in-reply-to:content-disposition:mime-version:list-unsubscribe :list-subscribe:list-id:precedence:references:message-id:subject:cc :to:from:date:dkim-signature; bh=MceoLuh1rmqb4R/3xNAHwuerlwIHu0ajJSvvcNSJZPY=; fh=BVP83eNr+oWatb4qMBZYyHe7HobjerBKYantRajwKl4=; b=NCUdsCrEruKVvwevD8bwS9NrcxBYUiRjOk4jsKo885G8iG7jLNEbNhGL02ewob5v++ tUmjLz0JQfpqudJsGlmPdjgS6mHzk0hs8sp6sBwmgBpU87UY+MubjmCqldL5oKbrrBGE AInaycAlDB948foBxOAG4aMPgzi/fYmjb20DFS8BPJOXWe5amS8TDpb0caQGHDtMrGTx lPOxMg43yqW3l7w0GfqJLq6JLN2vznPgqFcwVN1uAZKJ7DtNUjIuh5RqCHFsWbTtwaMV eliCYL9daK1LLDOVnOpBcyZRIaHzSzTCuNQP6AmMsCVIYSVV2uPDCuj6AHjulDD8Bzec 8Fqg==; dara=google.com ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=lcfbWXSe; arc=pass (i=1 dkim=pass dkdomain=kernel.org); spf=pass (google.com: domain of linux-crypto+bounces-4582-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:45d1:ec00::1 as permitted sender) smtp.mailfrom="linux-crypto+bounces-4582-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Return-Path: Received: from ny.mirrors.kernel.org (ny.mirrors.kernel.org. [2604:1380:45d1:ec00::1]) by mx.google.com with ESMTPS id d75a77b69052e-43ff2466928si14134321cf.268.2024.05.30.23.53.05 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 30 May 2024 23:53:06 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-crypto+bounces-4582-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:45d1:ec00::1 as permitted sender) client-ip=2604:1380:45d1:ec00::1; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=lcfbWXSe; arc=pass (i=1 dkim=pass dkdomain=kernel.org); spf=pass (google.com: domain of linux-crypto+bounces-4582-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:45d1:ec00::1 as permitted sender) smtp.mailfrom="linux-crypto+bounces-4582-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ny.mirrors.kernel.org (Postfix) with ESMTPS id BBB451C2254A for ; Fri, 31 May 2024 06:53:05 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id 6EB3A80626; Fri, 31 May 2024 06:53:01 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="lcfbWXSe" X-Original-To: linux-crypto@vger.kernel.org Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 20F4D80025; Fri, 31 May 2024 06:53:00 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1717138381; cv=none; b=CBs4Lzerd0VHIFZxYVYXODXsVwsOoGjnpFo9wVnhNVPUkwNoWv8/TgzDuP/z8TUFJchq56vWI/4udrXgrOmluYvX5ZWOtDzhM8HsTgEuh+NrHY42p0+NcGS8AADE6ZEOg7P/zmIjQmcHI4R3JOT0GjMxwPNmQcg5diGPMsryWhQ= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1717138381; c=relaxed/simple; bh=jbRblOzBr7lRYlUaucJDVxoE9gSNIZAerMvYUvNHzWU=; h=Date:From:To:Cc:Subject:Message-ID:References:MIME-Version: Content-Type:Content-Disposition:In-Reply-To; b=AwonhsXcrfV7ZVWHCHtz7Vn9cXLNQ+mRzwtHjf31AN5cyQ7MInZ51aoj+zNRspVM5Ux57ldeo6C3SKZouGpAOAdc4pzz+gdaD7eVuphGLiGUkZifFpW5ZGMMbWwCA0F2NUDBLzjQXb9xci+vUP/QFVoyTgbF3ZObnhgW0KYReEM= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=lcfbWXSe; arc=none smtp.client-ip=10.30.226.201 Received: by smtp.kernel.org (Postfix) with ESMTPSA id 5F413C116B1; Fri, 31 May 2024 06:53:00 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1717138380; bh=jbRblOzBr7lRYlUaucJDVxoE9gSNIZAerMvYUvNHzWU=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=lcfbWXSeUnI69nk5WuQJvKTVVwjkcCqw0WfYfByVZCx7gwCkp6qSlHXzoM/Z9+vd2 3Q2tqmiOegwZi2I4aDhHqC5rwTduSVuQm+uLI9Ih+7Z2qPx3+dhdE6VHVJQgcMATLW GELNwUMxOLcaf1QxG20ippUJcCYawkMyyQJCz9p5FwmZypZ+aDd55kXoCdNyS/8cm/ k1K0sGZ+Sss7BhAh0EX6RejOIPzsUAeGAhUpwc4ysuII+5yAh0el8WgxWG1jBKVLR6 Wihwk7fV0punCRJa/wJ+I/EQdZpTPlko42tXM53/ZKsNT0/hHStot1K7qAMhA2nyTR Wc+MsBvs5Ymgw== Date: Thu, 30 May 2024 23:52:58 -0700 From: Eric Biggers To: Herbert Xu Cc: linux-crypto@vger.kernel.org, fsverity@lists.linux.dev, dm-devel@lists.linux.dev, x86@kernel.org, linux-arm-kernel@lists.infradead.org, ardb@kernel.org, samitolvanen@google.com, bvanassche@acm.org Subject: Re: [PATCH v3 6/8] fsverity: improve performance by using multibuffer hashing Message-ID: <20240531065258.GH6505@sol.localdomain> References: <20240507002343.239552-7-ebiggers@kernel.org> <20240531061348.GG6505@sol.localdomain> Precedence: bulk X-Mailing-List: linux-crypto@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20240531061348.GG6505@sol.localdomain> On Thu, May 30, 2024 at 11:13:48PM -0700, Eric Biggers wrote: > On Fri, May 31, 2024 at 12:50:20PM +0800, Herbert Xu wrote: > > Eric Biggers wrote: > > > > > > + if (multibuffer) { > > > + if (ctx->pending_data) { > > > + /* Hash and verify two data blocks. */ > > > + err = fsverity_hash_2_blocks(params, > > > + inode, > > > + ctx->pending_data, > > > + data, > > > + ctx->hash1, > > > + ctx->hash2); > > > + kunmap_local(data); > > > + kunmap_local(ctx->pending_data); > > > + ctx->pending_data = NULL; > > > + if (err != 0 || > > > + !verify_data_block(inode, vi, ctx->hash1, > > > + ctx->pending_pos, > > > + ctx->max_ra_pages) || > > > + !verify_data_block(inode, vi, ctx->hash2, > > > + pos, ctx->max_ra_pages)) > > > + return false; > > > + } else { > > > + /* Wait and see if there's another block. */ > > > + ctx->pending_data = data; > > > + ctx->pending_pos = pos; > > > + } > > > + } else { > > > + /* Hash and verify one data block. */ > > > + err = fsverity_hash_block(params, inode, data, > > > + ctx->hash1); > > > + kunmap_local(data); > > > + if (err != 0 || > > > + !verify_data_block(inode, vi, ctx->hash1, > > > + pos, ctx->max_ra_pages)) > > > + return false; > > > + } > > > + pos += block_size; > > > > I think this complexity is gross. Look at how we did GSO in > > networking. There should be a unified code-path for aggregated > > data and simple data, not an aggregated path versus a simple path. > > > > I think ultimately it stems from the fact that this code went from > > ahash to shash. What were the issues back then? If it's just vmalloc > > we should fix ahash to support that, rather than making users of the > > Crypto API go through contortions like this. > > It can't be asynchronous, period. As I've explained, that would be far too > complex, and it would also defeat the purpose because it would make performance > worse. Messages *must* be queued up and hashed in the caller's context. > > What could make sense would be some helper functions and an associated struct > for queueing up messages for a particular crypto_shash, up to its mb_max_msgs > value, and then flushing them and retrieving the digests. These would be > provided by the crypto API. > > I think this would address your concern, in that the users (fsverity and > dm-verity) would have a unified code path for multiple vs. single blocks. > > I didn't think it would be worthwhile to go there yet, given that fsverity and > dm-verity just want 2x or 1x, and it ends up being simpler and more efficient to > handle those cases directly. But we could go with the more general queueing > helper functions instead if you feel they should be included from the start. > Looking at it again a bit more closely, both fsverity and dm-verity have per-block information that they need to keep track of in the queue in addition to the data buffers and hashes: the block number, and in dm-verity's case also a bvec_iter pointing to that block. So I think it really does make sense to have them both handle the queueing themselves, and not have it split between them and some crypto API helper functions (i.e. two queues that mirror each other). It would be possible, though, to organize the code in dm-verity and fsverity to represent the queue as an array and operate on it as such. That would also address your concern about the two code paths. Again, things would end up being a bit less efficient than my more optimized code that handles 1x and 2x (which is all that's actually needed for now) specifically, but it would work, I think. - Eric